|
Secureworks MDR |
Rapid7 MDR |
|
|---|---|---|
|
Support for endpoint, network, and cloud |
yes | yes |
|
Investigation and response |
yes | yes |
| Advanced analytics | yes | no 1 |
| Threat hunting | yes 2 | yes |
|
Open platform with support for third-party integrations and automated playbooks that accelerate response |
Yes | no 3 |
|
<90 seconds for direct access to a SOC analyst with unlimited support |
yes | no 4 |
|
Use the same interface and platform as the SOC delivering MDR, with full transparency on investigations |
yes | no 5 |
|
Mixed-EDR agent environment support, with included and/or supported third-party agents |
yes | no 6 |
|
Full-service incident response available, with unlimited response for in-scope environments |
yes 7 | yes |
|
Freedom to keep or remove the managed service and take over yourself with zero technology changes |
yes | no 8 |
|
One year of raw telemetry from all sources included — plus up to five years available to support compliance needs |
yes | yes |
|
Filters the most noise from the most sources |
yes 9 | no 10 |
|
Dedicated team of 100+ threat researchers and detection algorithms powered by 40B+ unique threat and knowledge nodes |
yes 11 | no 12 |
|
Quarterly customized security maturity and performance update |
yes | no 13 |
- Rapid7 received a score of 3 in the Forrester Wave™ Q2 2023 for analytics while Secureworks scored a perfect 5.
- With Taegis™ ManagedXDR Elite, customers receive a designated threat hunter and continuous targeted threat hunting.
- Rapid7 requires customers to use their technology stack, including their EDR agent, and does not include automated playbooks for proactive response.
- Rapid7 has no in-product SOC chat feature, and customers only have access to a Security Advisor, who acts as their point of contact to the SOC.
- After Secureworks' reasonable review, Secureworks cannot find any publicly available information validating that this feature is available from Rapid7.
- Rapid7 does not support a mixed-EDR agent environment and requires customers to deploy the Rapid7 Insight Agent. Other EDR can only be ingested as syslog.
- Secureworks is one of only four companies worldwide to be accredited by both the NSA CIRA (US) and NCSC CIR (UK).
- Rapid7 uses multiple products for MDR, and organizations cannot take over themselves without technology changes.
- 99.6% of alerts we receive from third-party security products are filtered as false positives.
- After Secureworks' reasonable review, Secureworks cannot find any publicly available information validating that this feature is available from Rapid7.
- Secureworks has 100+ elite threat researchers tracking 150+ active threat groups.
- After Secureworks' reasonable review, Secureworks cannot find any publicly available information validating that this feature is available from Rapid7.
- Security posture review meetings are only included in the Advanced MDR package from Rapid7.